From 2797a8451a2684d517cb734a8065f64565d81c51 Mon Sep 17 00:00:00 2001
From: Veronika Fisarova
Date: Fri, 8 Sep 2023 09:22:47 +0200
Subject: [PATCH] Add the TLS struct support for service operators

Initial commit
Signed-off-by: Veronika Fisarova
Signed-off-by: Veronika Fisarova
---
modules/common/test/helpers/tls.go | 44 ++++++++++++++++++++++++++++++
modules/common/tls/tls.go | 39 ++++++++++++++++++++++++++
2 files changed, 83 insertions(+)
create mode 100644 modules/common/test/helpers/tls.go
diff --git a/modules/common/test/helpers/tls.go b/modules/common/test/helpers/tls.go
new file mode 100644
index 00000000..05f27e14
--- /dev/null
+++ b/modules/common/test/helpers/tls.go
@@ -0,0 +1,44 @@
+/*
+Copyright 2023 Red Hat
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package helpers
+
+import (
+ "github.com/openstack-k8s-operators/lib-common/modules/common/tls"
+ "github.com/openstack-k8s-operators/lib-common/modules/certmanager"
+)
+
+// NewTLS - function to initialize and return a TLS struct.
+func NewTLS(secretName string, caSecretName []string, disableNonTLSListeners bool) *TLS {
+ return &TLS{
+ SecretName: secretName,
+ CaSecretName: caSecretName,
+ DisableNonTLSListeners: disableNonTLSListeners,
+ }
+}
+
+// GetCASecretNameFromIssuer retrieves the CASecretName from an issuer object.
+func GetCASecretNameFromIssuer(issuer *certmanager.Issuer) []string {
+ if issuer.CAIssuer != nil {
+ return []string{issuer.CAIssuer.SecretName}
+ }
+ return []string{}
+}
+
+// GetSecretNameFromCertificate retrieves the SecretName from a certificate object.
+func GetSecretNameFromCertificate(certificate *certmanager.Certificate) string {
+ if certificate.Certificate != nil {
+ return certificate.Certificate.Spec.SecretName
+ }
+ return ""
+}
diff --git a/modules/common/tls/tls.go b/modules/common/tls/tls.go
index 1e7f590b..96dc58b8 100644
--- a/modules/common/tls/tls.go
+++ b/modules/common/tls/tls.go
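Review bot: `NewTLS` in the new `helpers` file returns `*TLS` and builds `&TLS{...}`, but no `TLS` type is declared in this file; the type is added to the imported `tls` package, so the signature and literal presumably need to be `*tls.TLS` and `&tls.TLS{`. As written the `tls` import is never referenced, which the Go compiler rejects as "imported and not used". The `CaSecretName` field set here is not visible in the struct lines this patch shows, so its spelling should be checked against the struct definition. All three functions are also added verbatim to modules/common/tls/tls.go in the same commit; keeping a single copy avoids the two drifting apart.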
@@ -15,8 +15,19 @@ limitations under the License. */ package tls +<<<<<<< HEAD // TLSSpec allows the configuration of the TLS used by the service type TLSSpec struct { +======= +package tls + +import ( + "github.com/openstack-k8s-operators/lib-common/modules/certmanager" +) + +// TLS allows the configuration of the TLS used by the service +type TLS struct { +>>>>>>> e52563d (Add the TLS struct support for service operators) // +kubebuilder:validation:Optional // Name of a Secret in the same Namespace as the service object, containing the server's private key & server's public certificate // The Secret must store these as tls.key and tls.crt, respectively. @@ -31,3 +42,31 @@ type TLSSpec struct { // When set to true, the service disables non-TLS endpoints, only clients supporting TLS are able to connect DisableNonTLSListeners bool `json:"disableNonTLSListeners,omitempty"` } +<<<<<<< HEAD +======= + +// NewTLS - function to initialize and return a TLS struct. +func NewTLS(secretName string, caSecretName []string, disableNonTLSListeners bool) *TLS { + return &TLS{ + SecretName: secretName, + CaSecretName: caSecretName, + DisableNonTLSListeners: disableNonTLSListeners, + } +} + +// GetCASecretNameFromIssuer retrieves the CASecretName from an issuer object. +func GetCASecretNameFromIssuer(issuer *certmanager.Issuer) []string { + if issuer.CAIssuer != nil { + return []string{issuer.CAIssuer.SecretName} + } + return []string{} +} + +// GetSecretNameFromCertificate retrieves the SecretName from a certificate object. +func GetSecretNameFromCertificate(certificate *certmanager.Certificate) string { + if certificate.Certificate != nil { + return certificate.Certificate.Spec.SecretName + } + return "" +} +>>>>>>> e52563d (Add the TLS struct support for service operators)
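Review bot: Unresolved merge-conflict markers are committed as added lines in this hunk (`+<<<<<<< HEAD`, `+=======`, `+>>>>>>> e52563d (...)`), and the same markers recur in the second hunk of this file. With them in place the file carries a second `package tls` clause and opens both `type TLSSpec struct {` and `type TLS struct {`, so it cannot compile. Resolve the conflict before merging: drop the marker lines, keep one package clause followed by the import block, and keep exactly one of the two type declarations. The struct body continues outside this hunk, so the field list itself is not reviewed here.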
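Review bot: `GetCASecretNameFromIssuer` and `GetSecretNameFromCertificate` dereference their pointer argument without a nil check, so a nil `issuer` or `certificate` panics; a guard such as `if issuer == nil || issuer.CAIssuer == nil { return []string{} }` (and the equivalent for `certificate`) avoids that. Both functions also signal "nothing found" with an empty slice or `""`, which a caller can pass straight into `NewTLS` and end up with a TLS value that names no server secret or CA bundle. How consumers treat that value is not visible in this patch, so the doc comments should at least state the empty-return case, or the functions could return an error instead. The same applies to the copies in modules/common/test/helpers/tls.go.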